Git SSH "permission denied" in macOS 13 Ventura

Question

When I try to authenticate with an RSA SSH key in macOS 13 (Ventura), I get a Permission denied (publickey) error. However, when I use the same command against macOS 12 (Monterrey), it works correctly.

Answer 1

You need to generate a new set of keys based on a more secure hash algorithm. It is generally recommended to use ed25519 algorithm.

ssh-keygen -t ed25519 -C hello@example.com
ssh-add -A

---

In case you absolutely can't upgrade SSH (support added in OpenSSH 6.4) and you have to use RSA/SHA1 (e.g. the server accepts only RSA/SHA1 and you can't change that), add this snippet to the top of ~/.ssh/config on the client side (create the folder and file if it doesn't exist).

Host your-old-host.example.com
  HostkeyAlgorithms +ssh-rsa
  PubkeyAcceptedAlgorithms +ssh-rsa

It enables RSA/SHA1 both in host key and public key, should solve both this problem and related "no matching host key type found" problem.

Answer 2

macOS 13 (Ventura) ships with OpenSSH_9.0p1. According to the OpenSSH release notes:

This release disables RSA signatures using the SHA-1 hash algorithm by default. This change has been made as the SHA-1 hash algorithm is cryptographically broken, and it is possible to create chosen-prefix hash collisions for <USD$50K [1]

A workaround is described in this Reddit thread: SSH in Ventura

Perhaps a better solution is to generate keys based on a more secure hash algorithm. For the time being, I'm switching to ed25519, which can be generated like this:

ssh-keygen -t ed25519 -C "comment"

Answer 3

This solution works for me.

0. (Backup ~/.ssh/ folder)
1. If your ssh config and private/public keys are in /etc/ssh/ before upgrading the MacOS

• copy ssh_config to ~/.ssh/config
• copy all private/public keys to ~/.ssh/

2. Adding the following lines at the end of ~/.ssh/config

HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
KexAlgorithms +diffie-hellman-group1-sha1

Answer 4

Please dont add this to Host *! This is terrible practice. The real solution is to upgrade the remote server to a version greater than OpenSSH 7.2. If that doesn't work, add it per host IP or in the command line command when connecting.

I.E. - ssh -oPubkeyAcceptedAlgorithms=+ssh-rsa {user@host}

You can check your client keys and see if they support SHA256 and if they do, then no new keys are needed at the moment. If it doesnt say SHA256, then toss those keys and get something stronger using ssh-keygen command.

ssh-keygen -l -f .ssh/id_rsa

Answer 5

Add the following to your ~/.ssh/config file

HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
KexAlgorithms +diffie-hellman-group1-sha1

from https://github.com/sshnet/SSH.NET/issues/1003

Answer 6

A lot of the answers are just blindly throwing up new config options that aren't needed.

To solve this issue you can run the following command.

$ ssh-keygen -l -f ~/.ssh/id_rsa
3072 SHA256:/redacted /Users/myuser/.ssh/id_rsa.pub (RSA)

Then you can take a look at the supported public keys for your ssh config.

$ ssh -Q PubkeyAcceptedAlgorithms
ssh-ed25519
ssh-ed25519-cert-v01@openssh.com
ssh-rsa
rsa-sha2-256
rsa-sha2-512
ssh-dss
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
ssh-rsa-cert-v01@openssh.com
rsa-sha2-256-cert-v01@openssh.com
rsa-sha2-512-cert-v01@openssh.com
ssh-dss-cert-v01@openssh.com
ecdsa-sha2-nistp256-cert-v01@openssh.com
ecdsa-sha2-nistp384-cert-v01@openssh.com
ecdsa-sha2-nistp521-cert-v01@openssh.com

In most cases adding ssh-rsa will work or you can limit it to rsa-sha2-256 as well using the following. The other config people are posting is not needed in almost any case just the following line.

Host *
    PubkeyAcceptedAlgorithms +ssh-rsa

In the case that you are using ssh certs however you will want to run the following command on your cert.

$ ssh-keygen -L -f ~/.ssh/id_rsa-cert.pub
/Users/myuser/.ssh/id_rsa-cert.pub:
        Type: ssh-rsa-cert-v01@openssh.com user certificate
        Public key: RSA-CERT SHA256:/redacted
        Signing CA: RSA SHA256:redacted (using rsa-sha2-256)
        Key ID: "something"
        Serial: 123
        Valid: from 2023-04-04T13:19:10 to 2023-04-05T09:19:40

In this case you will need do add the Type field to the PubkeyAcceptedAlgorithms like so.

Host *
    PubkeyAcceptedAlgorithms +ssh-rsa-cert-v01@openssh.com

Answer 7

For PIV authentication

Granted, this deviates from the OP's issue with RSA keys.
I got the following error using ssh/PIV authentication after upgrading to Ventura:

Infinite reexec detected; aborting
banner exchange: Connection to UNKNOWN port 65535: Broken pipe

The fix was:

1. Remove or comment out the PKCS11Provider line in your ~/.ssh/config
2. Run the following commands:

   ssh-add -e /usr/lib/ssh-keychain.dylib
     #Note - above command may produce the error:  
     #   'Could not remove card "/usr/lib/ssh-keychain.dylib": agent refused operation'
     #This can be ignored; the file simply has no items to remove
   ssh-add -D
   killall -9 ssh-agent
   ssh-add -s /usr/lib/ssh-keychain.dylib
   

3. You should now be able to ssh

_{Note: If ssh still fails - The killall should have cleared all cached ssh process/keys/etc. A reboot will definitely clear any cached data that may be interfering.}